Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


It's Scary...It's Confusing...It's Dull: How Cybersecurity Advocates Overcome Negative Perceptions of Security

June 26, 2019


Julie Haney - NIST


Cyber attacks are on the rise, but individuals and organizations often fail to implement basic security practices and technologies. Cybersecurity advocates are security professionals who encourage and facilitate the adoption of these best practices. To be successful, they must motivate their audiences to engage in beneficial security behaviors, often by overcoming negative perceptions that security is scary, confusing, and dull/not relevant. However, there has been little prior research to explore how they do so. To address this gap, we conducted an interview study of 28 cybersecurity advocates from industry, higher education, government, and non-profits. Findings reveal a variety of real-world techniques that cybersecurity advocates employ to reach their audiences, overcome negative perceptions, and encourage good security practices. The research also permits an investigation into how advocates leverage general risk communication practices and where they have security- specific innovations. These practices may help inform approaches to security awareness and education.
Created November 28, 2023